Cybercriminals continue to evolve and refine their attack tactics to evade detection and use techniques that work. Spearphishing emails are on the rise because they work. Signature-based detection is ineffective against these constantly changing advanced attacks, so IT security departments need to add a layer of advanced threat protection to their security defenses.

FireEye may have come up with that additional layer. The company came up with a list of the top words used in successful spear-phishing attacks geared toward corporate networks. The report is not surprisingly titled “Top Words Used in Spear Phishing Attacks to Successfully Compromise Enterprise Networks and Steal Data” and identifies the social engineering techniques cybercriminals use in email-based advanced cyber attacks. According to the report, the top words cybercriminals use create a sense of urgency, to trick unsuspecting recipients into downloading malicious files. The top word category used to evade traditional IT security defenses in email-based attacks relates to express shipping. The report pointed out that express shipping terms are included in about one quarter of attacks, including “DHL,” “UPS” and “delivery.” Urgent terms such as “notification” and “alert” are included in about 10 percent of attacks. An example of a malicious attachment is “UPS-Delivery-Confirmation-Alert_April-2012.zip.”

Finance, travel and billing words are popular, too.

What a great idea to pull this together. Anyone who has gotten — and actually looked at — enough spam can figure out a bit of a pattern to phishing attacks. For instance, I’ll get an unusually high number of emails alerting me to problems in a package delivery in one month and the next month, I’ll get a ton of emails telling me that friends and family are sending me e-cards. (Right now, I’m getting a slew of LinkedIn alerts, all of which have some kind of code words or phrases.)

Having a solid working list of code words helps security folks set up filters to send these phishing messages directly to spam. The words in the report can also be easily shared with employees who now have something to check against if they are unsure of the validity of an email.

I’m kind of surprised that I haven’t seen anything like this sooner. It is so simplistic an idea, yet so valuable in providing an extra layer of protection to the network.

IT Solutions Builder
TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD

Which topic are you interested in?

Mobile

Security

Networks/IoT

Cloud

Data Storage

Applications

Development

IT Management

Other

What is your company size?

What is your job title?

What is your job function?

Searching our resource database to find your matches...

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.

By submitting your information, you agree that itbusinessedge.com may send you ITBbusinessEdge offers via email, phone and text message, as well as email offers about other products and services that ITBbusinessEdge believes may be of interest to you. ITBbusinessEdge will process your information in accordance with the Quinstreet Privacy Policy.

Please enable Javascript in your browser, before you post the comment! Now Javascript is disabled.

Post a comment

Your name/nickname

Your email

WebSite

Subject

(Maximum characters: 1200). You have 1200 characters left.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.

By submitting your information, you agree that itbusinessedge.com may send you ITBbusinessEdge offers via email, phone and text message, as well as email offers about other products and services that ITBbusinessEdge believes may be of interest to you. ITBbusinessEdge will process your information in accordance with the Quinstreet Privacy Policy.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.

By submitting your information, you agree that itbusinessedge.com may send you ITBbusinessEdge offers via email, phone and text message, as well as email offers about other products and services that ITBbusinessEdge believes may be of interest to you. ITBbusinessEdge will process your information in accordance with the Quinstreet Privacy Policy.